General

  • Target

    612113066c217272d45c54119814e73ee16b9f3261b1559d380624cd32c9e4bd

  • Size

    162KB

  • Sample

    210421-prz8l82k8e

  • MD5

    e7350b08f4290a14608013da91db743f

  • SHA1

    48c9926cbef20a99b9d3e5d7683eec14c624fa17

  • SHA256

    612113066c217272d45c54119814e73ee16b9f3261b1559d380624cd32c9e4bd

  • SHA512

    7bac1c7fbdd98188587f03e54babf6f1e0374ceff381cba1c1e43cefb16fb6ad291841afcc7b249e4fb8580a9804bb1a7f62c0090b3ccc4ee4d2e07b9c9f5305

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    107.172.227.10:443

    172.93.133.123:2303

    108.168.61.147:8172

  • rc4.plain
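The extracted config above (botnet ID and three C2 endpoints, two of them on non-standard ports) is the part of this report a defender acts on. The script below is an added example, not part of the sandbox report or of any Dridex tooling: it validates the C2 list, emits one Suricata alert rule per endpoint, and hunts for beacons in firewall logs. The log format, the timestamps, the internal hosts, the SIDs and the rule message text are all constructed for illustration; only the botnet ID and the C2 addresses come from the report.

```python
"""Turn the Dridex config reported above into hunt and block artifacts.

Added example, not code from the original report. The botnet ID and C2
endpoints are the values reported on this page; everything else (log
format, sample log lines, SIDs, rule text) is an assumption for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass

# Values as reported in the extracted config.
DRIDEX_BOTNET = "40112"
DRIDEX_C2 = [
    "107.172.227.10:443",
    "172.93.133.123:2303",
    "108.168.61.147:8172",
]


@dataclass(frozen=True)
class Endpoint:
    ip: str
    port: int


def parse_c2(entries):
    """Parse 'ip:port' strings into Endpoints.

    Rejects anything that is not a globally routable IP with a valid port,
    so a garbled config line cannot silently turn into a bad firewall rule
    (e.g. one that blocks an RFC 1918 address)."""
    out = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        addr = ipaddress.ip_address(host)  # raises ValueError on garbage
        if not addr.is_global:
            raise ValueError(f"non-routable C2 address in config: {entry}")
        p = int(port)
        if not 1 <= p <= 65535:
            raise ValueError(f"bad port in config: {entry}")
        out.append(Endpoint(str(addr), p))
    return out


def suricata_rules(endpoints, botnet, base_sid=9000000):
    """One alert rule per C2 endpoint (ip AND port, direction to_server).

    The sid range and msg text are assumptions; choose sids that do not
    collide with your existing ruleset."""
    rules = []
    for i, ep in enumerate(endpoints):
        rules.append(
            f'alert tcp $HOME_NET any -> {ep.ip} {ep.port} '
            f'(msg:"Dridex botnet {botnet} C2 {ep.ip}:{ep.port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed firewall log lines in a hypothetical format:
#   "<timestamp> <src>:<sport> -> <dst>:<dport> <proto> <action>"
SAMPLE_LOG = """\
2021-04-21T10:01:02Z 10.0.5.17:51234 -> 107.172.227.10:443 tcp allow
2021-04-21T10:01:05Z 10.0.5.17:51235 -> 142.250.74.36:443 tcp allow
2021-04-21T10:02:11Z 10.0.5.42:49811 -> 172.93.133.123:2303 tcp allow
2021-04-21T10:02:30Z 10.0.5.17:51240 -> 108.168.61.147:80 tcp allow
2021-04-21T10:03:00Z 10.0.5.99:50001 -> 108.168.61.147:8172 tcp deny
"""

LOG_RE = re.compile(r"^(\S+) (\S+):(\d+) -> (\S+):(\d+) (\w+) (\w+)$")


def hunt(log_text, endpoints):
    """Return (exact_hits, ip_only) over the log.

    exact_hits: destination matches a C2 endpoint on both ip and port.
    ip_only:    destination IP is a C2 host but the port differs; worth a
                look (infrastructure reuse) but not an automatic match.
    A denied connection still counts: the source host tried to beacon."""
    exact = {(e.ip, e.port) for e in endpoints}
    ips = {e.ip for e in endpoints}
    hits, ip_only = [], []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, src, _sport, dst, dport, _proto, _action = m.groups()
        if (dst, int(dport)) in exact:
            hits.append((ts, src, f"{dst}:{dport}"))
        elif dst in ips:
            ip_only.append((ts, src, f"{dst}:{dport}"))
    return hits, ip_only


if __name__ == "__main__":
    eps = parse_c2(DRIDEX_C2)
    print("\n".join(suricata_rules(eps, DRIDEX_BOTNET)))
    hits, ip_only = hunt(SAMPLE_LOG, eps)
    for h in hits:
        print("C2 hit:", h)
    for h in ip_only:
        print("same IP, other port (review):", h)
```

Matching on ip and port together keeps the rule specific to the reported config; the ip-only bucket exists because a C2 host seen on a different port (108.168.61.147:80 in the constructed log) is a lead for an analyst, not a confirmed beacon.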

Targets

    • Target

      612113066c217272d45c54119814e73ee16b9f3261b1559d380624cd32c9e4bd

    • Size

      162KB

    • MD5

      e7350b08f4290a14608013da91db743f

    • SHA1

      48c9926cbef20a99b9d3e5d7683eec14c624fa17

    • SHA256

      612113066c217272d45c54119814e73ee16b9f3261b1559d380624cd32c9e4bd

    • SHA512

      7bac1c7fbdd98188587f03e54babf6f1e0374ceff381cba1c1e43cefb16fb6ad291841afcc7b249e4fb8580a9804bb1a7f62c0090b3ccc4ee4d2e07b9c9f5305

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • System Information Discovery

    T1082 (1 signature)

Tasks